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TITLE OF THE INVENTION 

DATA USAGE CONTROLLING APPARATUS THAT PREVENTS THE 
UNAUTHORIZED USE OF MAIN DATA BY UPDATING A TYPE 1 AND A 
TYPE 2 KEY USED FOR PROTECTING THE MAIN DATA IN ACCORDANCE 
5 WITH USAGE OF THE MAIN DATA 

BACKGROUND OF THE INVENTION 

(1) Field of the Invention 

The present invention relates to a data usage 
10 controlling apparatus that limits the usage of main data 
according to judgements made on condition information 
recorded on a same recording medium as the main data. In 
particular, the invention relates to a data usage 
controlling apparatus that encrypts condition information 
15 using a type 2 key and records the encrypted condition 
information onto a recording medium along with the type 
2 key that is encrypted using a type 1 key. 

(2) Related Art 

20 Images and music are increasingly being stored in a 

digital form. Digitization of such information allows 
high quality to be preserved regardless of how often the 
content is used. Since images and music are usually 
subject to copyrights , the ease with which digitized images 

25 and music can be transmitted, copied and distributed makes 
it relatively simple for users to use digitized images and 
audio in an illegal manner. 
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Legal steps are being taken to stop the illegal use 
of copyrighted materials though more importantly several 
data usage controlling systems have been proposed • Such 
systems allow valid usage of digital content, such as 
5 copyrighted material, but prevent illegal operations from 
being made. 

Japanese Laid-open Patent Application No . H09-185501 
discloses a software executing system as one type of data 
usage controlling system. This system stops users from 

10 illegally using (i.e., executing) software, which is 

regarded as one form of digital content. This software 
executing system is described below. 

FIG. 1 is a first block diagram showing the 
composition of a recording medium 300 and an executing 

15 apparatus 400 included in this conventional software 

executing system, while FIG. 2 is a second block diagram 
showing the compositions of the recording medium 300 and 
the executing apparatus 400. In these drawings, the 
executing apparatus 400 included in this software 

20 executing system is shown split into the part in FIG. 1 
that handles the execution of software and the part shown 
in FIG. 2 that handles the updating (by encrypting with 
a random number) of the supplementary key of the recording 
medium. This depiction of the executing apparatus 400 in 

25 two parts is merely to assist understanding, and it should 
be remembered that both parts are provided within the same 
apparatus . 
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As shown in FIG. 1, this conventional software 
executing system includes a recording medium 300 that 
stores various programs to be executed and an executing 
apparatus 400 that selectively executes one of the programs 
5 recorded on the recording medium 300 • 

In more detail, the recording medium 300 stores the 
following information relating to the software program Sa: 

(1) an encrypted copy E (Ka/ Sa) of the software program 
Sa produced by encrypting the software program Sa itself 

10 using the software key Ka (the copy hereafter being referred 
to as the "encrypted software E(Ka, Sa)"); 

(2) an encrypted software key/execution number 
E(Ra/ (KA,nA) ) that is produced by encrypting a combination 
of the software key Ka and the remaining number of possible 

15 executions nA for the software program Sa using an exclusive 
supplementary key Ra for the software program Sa; and 

(3) an encrypted supplementary key E(R,Ra) produced 
by encrypting the supplementary key Ra using a random number 
R. 

20 In the same way^. the recording medium 300 stores the 

following information relating to the software program Sb: 

(1) an encrypted copy E(Kb,Sb); 

(2) an encrypted software key/execution number 
E (Rb, (KB^ns) ) ; and 

25 (3) an encrypted supplementary key E(R,Rb). 

The notation E(y,x) used in this specification 
indicates that the information x has been encrypted using 
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the information y as the encryption key. While the present 
example shows the case where the recording medium 300 only 
records the two software programs Sa and Sb/ it is customary 
for three or more programs to be recorded with the 
5 information described above relating to their execution. 
As shown in FIG. 1^ the part of the executing 
apparatus 400 that handles the execution of software 
includes the following functional components 401-408. A 
random number storing unit 401 stores a random number in 

10 a manner that prevents its stored content being read or 
changed from outside the apparatus • A first decrypting 
unit 4 02 decrypts an encrypted supplementary key (e.g., 
E (R, Ra) ) stored on the recording medium 300 using the random 
number R stored in the random number storing unit 401. A 

15 second decrypting unit 403 decrypts an encrypted software 
key/execution number (e.g., E (Ra, (Ka, nA) ) ) stored on the 
recording medium 300 using the supplementary key decrypted 
by the first decrypting unit 402. A third decrypting unit 
404 decrypts the encrypted software (e.g., E(Ka,Sa)) using 

20 the software key decrypted by the second decrypting unit 
403. A software executing unit 405 executes the software 
program decrypted by the third decrypting unit 404. An 
execution number examining unit 40 6 examines the 
(remaining) execution number decrypted by the second 

25 decrypting unit 403 when a software program is to be 
executed and informs the software executing unit 405 
whether or not execution is permitted for the software 
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program. An execution number updating unit 4 07 updates 
the execution number in accordance with executions of the 
software program* A first encrypting unit 4 08 encrypts 
the software key decrypted by the second decrypting unit 
5 4 03 and the execution number updated by the execution 
number updating unit 407 using the supplementary key 
decrypted by the first decrypting unit 402 and updates the 
encrypted software key/execution number on the recording 
medium 300. 

10 As shown in FIG. 2, the part of the executing 

apparatus 400 that handles the updating of the encrypted 
supplementary key includes a fourth decrypting unit 411, 
a random number updating unit 412, and a second encrypting 
unit 413. The fourth decrypting unit 411 decrypts the 

15 encrypted supplementary key of every software program on 
the recording medium 300 using the random number stored 
in the random number storing unit 401. The random number 
updating unit 412 updates the random number stored in the 
random number storing unit 401. The second encrypting 

2 0 unit 413 encrypts every supplementary key that has been 
decrypted by the fourth decrypting unit 411 using the 
random number that has been updated by the random number 
updating unit 412, and updates the encrypted supplementary 
key of each software program on the recording medium 300. 

25 The executing apparatus 400 shown in FIGS. 1 and 2 

uses the procedure described below to execute software 
programs stored on the recording medium 300 and update the 
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execution numbers of the executed programs. This 
procedure is called the "software execution procedure". 
In addition, the executing apparatus 400 updates the 
encrypted supplementary keys on the recording medium 300 
5 in accordance with the execution of programs . This is 
achieved by updating the random number used for the 
encrypting and then replacing the encrypted supplementary 
keys using this updated random number. This procedure is 
called the "encrypted supplementary key updating 

10 procedure". 

FIG. 3 is a flowchart showing the software execution 
procedure performed by the executing apparatus 4 00, while 
FIG. 4 is a flowchart showing the encrypted supplementary 
key updating procedure performed by the executing 

15 apparatus 400. The illustrated example focuses on the 
case where the software program Sa is executed, though the 
same procedures will be used when the software program Sb 
is executed. 

As shown in FIG. 3, the software execution procedure 
20^ starts with the executing apparatus 400 obtaining the 
information relating to the software program Sa (which has 
been indicated by a user) from the recording medium 300 
(S301) . This information is the encrypted supplementary 
key E(R,Ra)/^ the encrypted software key/execution number 
25 E (Ra, (Ka/ nA) ) / and the encrypted software E(Ka,Sa). The 
first decrypting unit 402 then decrypts the encrypted 
supplementary key E (R,Ra) using the random number R stored 
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in the random number storing unit 4 01 to obtain the 
supplementary key Ra (3302) . The second decrypting unit 
403 decrypts the encrypted software key/execution number 
E(Ra, (Ka/Ha) ) using this supplementary key Ra to obtain the 
5 software key Ka and the execution number nA (S303) . The 
third decrypting unit 404 then decrypts the encrypted 
software E(Ka,Sa) to obtain the software program Sa (S304) . 

After this^ the execution number examining unit 406 
examines whether the execution number nA obtained in S303 

10 is at least one (S305) . If not (S305:No), the procedure 
ends with the execution number examining unit 4 06 informing 
the software executing unit 405 that execution of the 
software program Sa is not permitted. If the execution 
number nA obtained in S303 is one or greater (S305:Yes) , 

15 the execution number examining unit 4 06 informs the 

software executing unit 405 that execution of the software 
program Sa is permitted, so that the software executing 
unit 405 executes the software program Sa {S306) . 

Once the software program Sa has been executed, the 

2 0 execution number updating unit 407 updates the execution 
number nA to nA* found by subtracting one from the current 
value (i.e., nA' = (nA-l)) (S307) . The first encrypting unit 
408 encrypts a combination of this updated execution number 
nA* and the software key Ka that was obtained in S302 using 

25 the supplementary key Ra (S308) . The encrypted software 
key/execution number E(Ra, (Ka/HaM ) produced by the first 
encrypting unit 408 is then written onto the recording 
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medium 300 in place of the encrypted software key/execution 
number E(Ra, (KA^nA)) (S309) . This completes the software 
execution procedure. 

As shown in FIG. 4, the encrypted supplementary key 
5 updating procedure starts with all of the encrypted 

supplementary keys on the recording medium 30 0 (in this 
case, the encrypted supplementary keys E (R, Ra) andE(R,RB)) 
being obtained (S401) . The fourth decrypting unit 411 
decrypts these encrypted supplementary keys E(R,Ra) and 

10 E(R,Rb) using the random number R stored in the random 
number storing unit 401 to obtain the supplementary keys 
Ra and Rb (S402) . 

Next, the random number updating unit 412 updates the 
random number R in the random number storing unit 401 using 

15 the random number R' (S403) . The second encrypting unit 
413 then encrypts the supplementary keys Ra and Rg obtained 
in S402 using the new random number R' (S404) . These 
encrypted supplementary keys E(R', Ra) and E(R',Rb) are 
then stored on the recording medium 300 in place of the 

20 encrypted supplementary keys E(R,Ra) and E(R,Rb) {S405) . 
This completes the encrypted supplementary key updating 
procedure . 

In this conventional software executing system, the 
software key and the execution number are stored on the 
25 recording medium in an encrypted form. This prevents 

users from editing the content of this data and so prevents 
the software programs from being used illegally. 
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In particular, the above procedure has an updated 
random number stored in the executing apparatus 400 and 
on the recording medium 300 whenever a software program 
is executed. As one example, even if all the information 
5 on the recording medium 300 is copied, the copied recording 
medium 300 cannot be executed on any executing apparatus 
aside from the executing apparatus 400 . Also, if a user 
somehow stopped the executing apparatus 400 writing (i.e. 
updating) information on the recording medium 300, the 
10 executing apparatus 400 would thereafter not be able to 
use the recording medium 300. This means that this 
conventional software executing system is capable of 
preventing users from making certain illegal uses of 
software . 

15 The above software executing system is however 

incapable of preventing users from illegally using 
software by backing up and later restoring part of the 
information on the recording medium 300. Users can back 
up an encrypted software key/execution number of a program 

20 recorded on the recording medium 300, execute the program 
a number of times, and then restore the backed-up copy of 
the encrypted software key/execution number. Execution 
of the software will thereafter be permitted according to 
this restored software key/execution number, so that users 

25 will be able to execute the software program in excess of 
the permitted number of executions . 

The following is a detailed description of the 



9 



illegal use of software in the above software executing 
system* FIG. 5 shows a specific example of the processing 
by the executing apparatus 400 and the changes in the data 
on the recording medium 300 that accompany the execution 
5 of the software program Sa in the above software executing 
system. FIG. 6 is a first drawing showing illegal usage 
of a conventional software execution system^ while FIG. 
7 is a second drawing showing illegal usage. 

In the example in FIG. 5, the value "09185501" (in 

10 base 10) is used as supplementary key Ra, the value 
"11119442" is used as the software key Ka/ the value 
"02834370" as the random number R, and the value "97477116" 
as the random number R' . These supplementary keys^ 
software keys and random numbers are used as decryption 

15 and encryption keys by the respective decrypting units and 
encrypting units when performing predetermined decryption 
and encryption algorithms. 

In this conventional software executing system;, the 
execution of the software program Sa is accompanied by the 

20 execution number updating unit 407 updating the execution 
number (=5) to the updated execution number nA' (=4) . The 
first encrypting unit 4 08 encrypts this updated execution 
number Ua' along with the software key Ka using the 
supplementary key Ra and stores the result on the recording 

25 medium 300, so that the encrypted software key/execution 
number E (Ra, (Ka, nA) ) on the recording medium 3 00 is replaced 
with the encrypted software key/execution number 
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E(Ra, (Ka^HaM ) . 

When the software program is executed, the random 
number updating unit 412 updates the random number R to 
the random number R' . This updated random number R' is 
5 then used to encrypt the supplementary key R^ and the result 
is stored on the recording medium 300. As a result, the 
encrypted supplementary key E(R,Ra) is replaced with the 
encrypted supplementary key E(R\Ra). 

As shown in FIG. 6, the software execution procedure 

10 described above (FIG. 3) updates the encrypted software 
key/ execution number and the encrypted supplementary key 
updating procedure (FIG. 4) updates the encrypted 
supplementary keys . 

When the software program is executed for the first 

15 time, the software execution procedure updates the 

encrypted software key/execution number E (R^^ (K^, n^' ) ) 
where nA'^n^-l (see columns (a) and (b) in FIG. 6), while 
the encrypted supplementary key updating procedure updates 
the encrypted supplementary key from E(Ro,Ra) to E(Ri,Ra) 

2 0 where Rit^Rq. Here, assume that the encrypted software 

key/execution number E (Ra^- (K^, n^i) ) is recorded ("backed 
up") by a given information recording apparatus (see 
columns (b) and (c) in FIG. 6) . 

As shown in FIG. 7, when the software program Sa is 

25 executed for a k^^ time (the software program Sa having 
already been executed k-2 times where k is an integer that 
is two or greater) , the software execution procedure 
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updates the encrypted software key/execution number from 
E(Ra, (KA,nA(k-i)) ) where nA(k-i)=nAO-k+l to E(Ra, (KA,nAk) ) where 
nAk=nAo-k (see columns (a) and (b) in FIG. 7) . 
The encrypted supplementary key updating procedure updates 
5 the encrypted supplementary key from E (Rk-i/RA) to E {R].,Rp,) , 
where Rk-i7^Ro/ Ri,"- , Rk-2 and Rk?^Ro/ Ri / * * ' / Rk-i (see columns 
(b) and (c) in FIG. 7) . 

Assume that after the software program Sa has been 
executed for the k^"" time, the user restores the backed-up 
10 encrypted software key/execution number E (Ra, (Ka, Hai) ) 

onto the recording medium 300 (see column (d) in FIG. 7) . 
An executing apparatus 400 with the construction and 
operation shown in FIGS. 1 to 4 will end up executing the 
software program Sa in accordance with the illegally 
15 restored encrypted software key/execution number 
E (Ra, (Ka, nAi) ) , resulting in the user executing the 
software program SAmore that the permitted number of times . 
By repeating this restoring of the encrypted software 
key/execution number E (Ra, (Ka, nAi) ) , the user can 
20 completely invalidate the setting of the execution number 
and can execute software on the recording medium as many 
times as he or she likes . 

SUMMARY OF THE INVENTION 
25 In view of the problems with the conventional art, 

it is a first object of the present invention to provide 
a data usage controlling system that prevents users from 
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illegally using main data by backing up condition 
information, such as limitations on the usage of the main 
data, and then restoring the backed-up copy of the 
condition information after making several uses of the main 
5 data . 

The data usage controlling system of the present 
invention (1) reads (a) main data, (b) a type 2 key that 
has been encrypted using a type 1 key, and (c) condition 
information that has been encrypted using the type 2 key 

10 from a recording medium. The data usage controlling 
system also reads the type 1 key from a predetermined 
storage unit, decrypts the condition information using the 
type 2 key, and subsequently controls usage of the main 
data read from the recording medium in accordance with the 

15 decrypted condition information. 

In accordance with the usage of the main data, the 
data usage controlling system updates the condition 
information, generates a new type 2 key, updates the stored 
type 1 key, encrypts the condition information using the 

20 newly generated type 2 key, and replaces the encrypted type 
2 key on the recording medium. The data usage controlling 
system also encrypts the newly generated type 2 key using 
the updated type 1 key and replaces the encrypted type 2 
key on the recording medium. 

25 If the user backs up the condition information 

(including the execution number) on a certain information 
recording apparatus and restores the backed-up copy after 
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making several uses of the main data^ the supplementary 
key that was used to encrypt the restored condition 
information will differ from the supplementary key stored 
on the recording medium, so that the present data usage 
5 controlling system is capable of preventing users from 
making conventionally possible illegal operations in which 
main data is made usable by changing the originally set 
condition information by restoring a backed-up copy of the 
condition information. 

10 Another data usage controlling apparatus of the 

present invention reads (a) main data, (b) a type 2 key 
that has been encrypted using a type 1 key, and (c) 
condition information that has been encrypted using the 
type 2 key from a recording medium storing n (where n is 

15 an integer no less than two) sets of main data, a type 2 
key, and condition information. The data usage 
controlling system also reads the type 1 key from a 
predetermined storage unit, decrypts the condition 
information .using the type 2 key, and controls usage of 

20 the read main data in accordance with the decrypted 
condition information . 

This data usage controlling apparatus generates a new 
type 2 key in accordance with usage of the main data, 
encrypts the decrypted condition information using the new 

25 type 2 key and replaces the encrypted condition information 
on the recording medium with the newly encrypted condition 
information. The data usage controlling apparatus also. 
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decrypts all (n-1) encrypted type 2 keys on the recording 
medium that are not the updated type 2 key using the type 
1 key, updates the type 1 key after all (n-1) encrypted 
type 2 keys have been decrypted, encrypts all n type 2 keys 
using the updated type 1 key, and replaces all n encrypted 
type 2 keys on the recording medium with the newly encrypted 
type 2 keys . 

As a result, the type 2 keys that are used to encrypt 
the condition information are updated in accordance with 
the usage of the main data, thereby achieving greater 
protection against the copying and alteration of the 
condition information than was conventionally possible. 
This means that the illegal usage of the main data through 
the alteration of the initially set condition information 
(such as an expiry date, number of executions, or specified 
region of use) is prevented for a recording medium storing 
a plurality of sets of main data.. 

Here, the data usage controlling system may update 
the decrypted condition information in accordance with the 
use of the main data, encrypts this new condition 
information using the newly generated type 2 key, and use 
the resulting encrypted condition information to replace 
the encrypted condition information on the recording 
medium. 

As a result, the present data usage controlling 
system is capable of preventing the conventionally 
possible illegal usage of main data on a recording medium. 
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which stores a plurality of sets of main data, wherein a 
user restores a backed-up copy of the condition 
information . 

BRIEF DESCRIPTION OF THE DRAWINGS 
5 These and other objects^ advantages and features of 

the invention will become apparent from the following 

description taken in conjunction with the accompanying 

drawings which illustrate a specific embodiment of the 

invention. In the drawings: 
10 FIG. 1 is a first block diagram showing the 

composition of a recording medium 300 and an executing 

apparatus 400 included in a conventional software 

executing system; 

FIG. 2 is a second block diagram showing the 
15 compositions of the recording medium 300 and the executing 

apparatus 400 included in a conventional software 

executing system; 

FIG. 3 is a flowchart showing the software execution 

procedure performed by the executing apparatus 400; 
20 FIG. 4 is a flowchart showing the encrypted 

supplementary key updating procedure performed by the 

executing apparatus 400; 

FIG. 5 shows a specific example of the processing by 

the executing apparatus 400 and the changes in the data 
25 on the recording medium 300 that accompany the execution 

of the software program Sa in this conventional software 

executing system; 
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FIG. 6 is a first drawing showing illegal usage of 
the software program Sa in this conventional software 
execution system; 

FIG. 7 is a second drawing showing illegal usage of 
5 the software program Sa; 

FIG. 8 is a first block diagram showing a recording 
medium 100 and an executing apparatus 200 in a digital 
content usage controlling system that is one embodiment 
of the present invention; 
10 FIG. 9 is a second block diagram showing the recording 

medium 100 and the executing apparatus 200 in this digital 
content usage controlling system; 

FIG. 10 is a flowchart showing the digital content 
using procedure performed by the executing apparatus 200; 
15 FIG. 11 is a flowchart showing the encrypted 

supplementary key updating procedure performed by the 
executing apparatus 200; 

FIG. 12 shows a specific example of the processing 
of the executing apparatus 200 and the resulting changes 
20 to the data on the recording medium 100 that occur when 
the digital content Ma is used by the present digital 
content usage controlling system; 

FIG. 13 is a first drawing that is used to explain 
how the present digital content usage controlling system 
25 prevents the illegal usage of digital contents; and 

FIG. 14 is a second drawing that will be used to 
explain how the present digital content usage controlling 
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system prevents the illegal usage of digital contents. 

DESCRIPTION OF THE PREFERRED EMBODIMENT 
5 The following describes a digital content usage 

controlling apparatus that is an embodiment of the present 
invention, with reference to the attached drawings. 

FIG. 8 is a first block diagram showing a recording 
medium 100 and an executing apparatus 200 in a digital 
10 content usage controlling system that is one embodiment 
of the present invention^ while FIG. 9 is a second block 
diagram showing the recording medium 100 and the executing 
apparatus 200 in this digital content usage controlling 
system. 

15 Like the software executing system described in the 

related art, the executing apparatus 200 of the present 
digital content usage controlling system is described as 
being divided into a part, shown in FIG. 8, that is involved 
in the usage of digital content and a part, shown in FIG. 

2 0 9, that is involved in the updating of the encrypted 

supplementary keys on the recording medium. It should be 
remembered, however, that both these parts are included 
in the same apparatus . 

As shown in FIG. 8, the present digital content usage 

25 controlling system includes a recording medium 100 and an 
executing apparatus 200. The recording medium 100 is a 
hard-disk drive (HDD) or the like, and stores a number of 
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digital contents that can be digitized images, audio or 
the like. The executing apparatus 200 is composed of 
typical computer components, such as a CPU, a RAM, a ROM, 
an HDD etc., and selectively uses (here, reproduces) one 
5 digital content at a time in accordance with a user's 
instruction. Note that the separate operational units 
shown in FIGS. 8 and 9 can be achieved in part or in whole 
by software. 

In more detail, the recording medium 100 stores the 
10 following information for the digital content Ma: 

(1) an encrypted copy E (SK, Ma) produced by encrypting 
the digital content Ma using the key SK that is unique to 
the executing apparatus 200 (the copy hereafter being 
referred to as the "encrypted digital content E(SK,Ma) ") ; 
15 (2) encrypted usage conditions E(Ra, Ia) produced by 

encrypting the usage conditions Ia of the digital content 
Ma using a supplementary key Ra that is unique to the digital 
content Ma; and 

(3) an encrypted supplementary key E(R,Ra) produced 
2 0 by encrypting the supplementary key Ra using a random number 
R. 

The recording medium 100 similarly stores the 
following information for the digital content Mb: 
(1) an encrypted copy E(SK,Mb); 
25 (2) encrypted usage conditions E(Rb,Ib); and 

(3) an encrypted supplementary key E(R,Rb). 
The usage conditions Ia and Ib are each composed of 
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information limiting the usage of the digital contents 
and Mb, such as an expiry date, a permitted number of 
executions, and/or a region of use. The digital contents 
Ma and Mb are therefore reproduced in accordance with these 
5 usage conditions Ia and Ib- 

The part of the executing apparatus 200 that relates 
to the usage {e.g., reproduction) of digital contents 
includes the following functional components. A random 
number storing unit 201 stores a random number in a manner 

10 that prevents its stored content being read or changed from 
outside the executing apparatus 200. This random number 
storing unit 201 can be composed of a circuit that does 
not have an interface allowing access from outside the 
executing apparatus 200. A first decrypting unit 202 

15 decrypts an encrypted supplementary key stored on the 
recording medium 100 using the random number stored in the 
random number storing unit 2 01 to obtain a supplementary 
key. A second decrypting unit 203 decrypts the encrypted 
usage conditions on the recording medium 100 using the 

20 supplementary key obtained by the first decrypting unit 
202 to obtain the usage conditions. A unique key storing 
unit 209 stores the unique key SK in a manner which prevents 
the unique key from being read or written from outside the 
executing apparatus 200. A third decrypting unit 204 

25 decrypts an encrypted digital content using the unique key 
stored in the unique key storing unit 209 to obtain a 
digital content. A digital content using unit 205 uses 
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the digital content ("using" meaning "reproducing" in the 
case of audio or image information) decrypted by the third 
decrypting unit 204 . A usage condition examining unit 206 
examines the usage conditions decrypted by the second 
5 decrypting unit 203 when a digital content is to be used, 
judges whether the usage of the digital content is 
permitted, and informs the third decrypting unit 204 
whether or not decrypting is permitted for the digital 
content. A usage condition updating unit 207 updates the 

10 usage conditions, such as the remaining number of permitted 
executions, in accordance with the usage of digital 
contents* A supplementary key generating unit 210 
generates a new supplementary key in accordance with the 
usage of digital contents. A first encrypting unit 208 

15 uses the supplementary key generated by the supplementary 
key generating unit 210 to encrypt the usage conditions, 
which have been updated by the usage condition updating 
unit 207, and so updates the encrypted usage conditions 
on the recording medium 100. 

2 0 As shown in FIG. 9, the part of the executing 

apparatus 200 that relates to the updating of the encrypted 
supplementary key includes the following functional 
components. A fourth decrypting unit 211 decrypts the 
encrypted supplementary key of each digital content stored 

25 on the recording medium 100 using the random number stored 
in the random number storing unit 201, and so obtains the 
supplementary key of each digital content. A random 
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number updating unit 212 updates the random number stored 
in the random number storing unit 2 01 . A second encrypting 
unit 213 uses the random number updated by the random number 
updating unit 212 to encrypt the supplementary key (R^' 
5 in FIG. 9) generated by the supplementary key generating 
unit 210 and the supplementary keys (here^ Rb) of all 
digital contents on the recording medium 100 except for 
the digital content that has just been used, before storing 
the encrypted supplementary keys onto the recording medium 

10 100 to update the encrypted supplementary key of each 
digital content. 

Like the executing apparatus 400 described in the 
related art, this executing apparatus 200 with the 
construction shown in FIGS. 8 and 9 performs a digital 

15 content using procedure to selectively use a digital 

content and update the usage conditions on the recording 
medium 100 and an encrypted supplementary key updating 
procedure to update the encrypted supplementary keys on 
the recording medium 100 at an appropriate timing. 

20 FIG. 10 is a flowchart showing the digital content 

using procedure performed by the executing apparatus 200, 
while FIG. 11 is a flowchart showing the encrypted 
supplementary key updating procedure performed by the 
executing' apparatus 200. The illustrated example is for 

25 the case where the user has already selected the digital 
content Ma on the recording medium 100 for reproduction, 
although the same procedure is used when the digital 
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content Mb is selected. 

As shown in FIG. 10, the digital content using 
procedure starts the information relating to the digital 
content Ma (i.e,, the encrypted supplementary key E(R,Ra) / 
5 the encrypted usage conditions E (Ra, Ia) / and the encrypted 
digital content E(SK,Ma)) being obtained from the 
recording medium 100 (SlOl) . Next, the first decrypting 
unit 202 decrypts the encrypted supplementary key E(R,Ra) 
using the random number R stored in the random number 

10 storing unit 201 to obtain the supplementary key Ra (S102) . 
The second decrypting unit 2 03 then decrypts the encrypted 
usage conditions E(Ra, Ia) using this supplementary key Ra 
to obtain the usage conditions Ia (S103) . 

Next, the usage condition examining unit 206 examines 

15 the usage conditions Ia obtained in S103 to see if the 
limitations regarding the expiry date, number of uses, and 
region of use etc. are satisfied (S104) , 

If the usage conditions Ia are not satisfied (S104 :No) , 
the usage condition examining unit 20 6 informs the third 

2 0 decrypting unit 204 that the digital content Ma cannot be 
used, thereby completing the digital content using 
procedure , 

If the usage conditions Ia are satisfied (S104:Yes) , 
the usage condition examining unit 20 6 informs the third 
25 decrypting unit 204 that the digital content Ma can be used. 
The third decrypting unit 204 starts to decrypt the 
encrypted digital content E(SK>Ma) using the unique key 
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SK Stored in the unique key storing unit 209 and the digital 
content using unit 205 starts to use the digital content 
Ma that is being decrypted (S105) . In this case, the 
digital content Ma is digitized music, so that "using" the 
5 digital content means reproducing the music represented 
by the digital content Ma- 

This usage of the digital content Ma is accompanied 
by the usage condition updating unit 207 reducing the 
execution number by one to update the usage conditions Ia 
10 to the usage conditions Ia' (S106) . The supplementary key 
generating unit 210 generates a new supplementary key Ra' 
that differs from the supplementary key Ra that was used 
by the second decrypting unit 203 (S107) . 

The first encrypting unit 208 encrypts the usage 
15 conditions Ia' produced in S106 using the supplementary 
key Ra' generated in S107 to produce the encrypted 
supplementary key E(Ra',Ia') and stores this onto the 
recording medium 100 to update the encrypted usage 
conditions (S108) . This completes the digital content 
20 using procedure. 

As shown in FIG. 11, the encrypted supplementary key 
updating procedure begins with the executing apparatus 200 
obtaining an encrypted supplementary key of each digital 
content on the recording medium 100 (in this case the 
25 encrypted supplementary keys E{R,Ra) and E(R,Rb) ) (S201) . 
The fourth decrypting unit 211 then decrypts each of these 
encrypted supplementary keys E(R,Ra) and E(R,Rb) using the 
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random number R stored in the random number storing unit 
201 to obtain the supplementary keys Ra and Rg (S202) . 

Next, the random number updating unit 212 updates the 
random number R in the random number storing unit 2 01 to 
5 the random number R' (S2 03) . Of the supplementary keys 
Ra and Rg obtained in S202, the supplementary key Ra that 
was used to decrypt the usage conditions of the digital 
content Ma is replaced with the supplementary key Ra' 
generated in S107 (S204) . The second encrypting unit 213 

10 encrypts the supplementary keys Ra' and Rb using the random 
number R' that was updated in step S203 (S205) , and the 
resulting encrypted supplementary keys E(R\Ra') and 
E(R',Rb) are recorded on the recording medium 100 in place 
of the encrypted supplementary keys E(R,Ra) and E(R,Rb) 

15 (S20 6) . This completes the encrypted supplementary key 
updating procedure. 

In this digital content usage controlling system, 
each supplementary key is stored on the recording medium 
having been encrypted using a random number, the usage 

20 conditions are stored having been encrypted using a 

supplementary key, and the digital contents are stored 
having been encrypted using a unique key. This stored 
information cannot be edited and illegal usage of the 
digital content is prevented* 

25 The procedures described above result in an updated 

random number being stored in the executing apparatus 200 
and on the recording medium 100 every time a digital content 
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is executed. If a user were to copy all of the information 
on the recording medium 100, it would not be possible to 
use the copied recording medium on any executing apparatus 
apart from the executing apparatus 200. Alternatively, 
5 if the user somehow prevented the executing apparatus 200 
from updating the information on the recording medium 100, 
the executing apparatus would not be able to use the 
recording medium 100 thereafter. This means that the 
present digital content usage controlling system is 

10 capable of preventing certain illegal usage of digital 
content in the same way as the software executing system 
described in the related art. 

Like the software executing system described in the 
related art section, the execution apparatus in the present 

15 digital content usage controlling system stores only one 
random number for a number of digital contents on the 
recording medium. This reduces the size of the 
inaccessible storage area in the executing apparatus when 
compared to the case where a different random number 

20 (encryption key) is used for each of a number of digital 
contents, and in turn reduces the cost of manufacturing 
a device capable of stopping the certain illegal uses of 
a digital content. 

Unlike the system described in the related art, the 

25 present digital content usage controlling system is also 
capable of preventing the illegal usage of the main data 
(i.e., digital contents) stored on the recording medium 
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that was described using FIGS. 5 to 7 . This illegal usage 
is the case where a user changes the stored content of the 
recording medium after several uses of a digital content 
by restoring a backed-up copy of the usage conditions made 
previously. This illegal operation would normally enable 
the user to use the digital content in excess of the 
permitted number of operations. The following describes 
how the present digital content usage controlling system 
stops such illegal operations, with reference to FIGS. 12 
to 14, which correspond to FIGS. 5 to 7 . 

FIG. 12 shows a specific example of the processing 
of the executing apparatus 200 and the resulting changes 
to the data on the recording medium 100 that occur when 
the digital content Ma is used by the present digital 
content usage controlling system. FIG. 13 is a first 
drawing and FIG. 14 is a second drawing that will be used 
to explain how the present digital content usage 
controlling system prevents the illegal usage of digital 
contents . 

In the example shown in FIG. 12, the supplementary 
key Ra is assumed to be "05142578" (in base 10), the 
supplementary key Ra' is assumed to be "10558190", the 
random number R is assumed to be "09326166", and the random 
number R' is assumed to be "07343820". The various 
decrypting (and encrypting) units use these supplementary 
keys and random numbers as decryption (encryption) keys 
when performing predetermined encryption (or decryption) 
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algorithms. As an actual example, the encryption keys may 
be used in block encryption such as DES (Data Encryption 
Standard) . 

In the present digital content usage controlling 
5 system, the usage of a digital content Ma is accompanied 
in particular by the following operations. The usage 
condition updating unit 207 updates the usage number in 
the usage conditions Ia from I2A (=8) to I2a' (=7) . The 
supplementary key generating unit 210 generates a 

10 different supplementary key Ra' to the supplementary key 
Ra which was read from the recording medium 100 and 
decrypted. The first encrypting unit 208 encrypts the 
usage conditions Ia* including the updated usage number 
I2a' using the generated supplementary key Ra' and stores 

15 the result on the recording medium 100, so that the 

encrypted usage conditions E (Ra, Ia) on the recording medium 
100 are updated to the encrypted usage conditions 
E(Ra'/Ia')- In accordance with the usage of the digital 
content Ma, the random number updating unit 212 updates 

20 the random number R to R* . The second encrypting unit 213 
encrypts the generated supplementary key Ra using this 
updated random number R' and the result is stored on the 
recording medium 100 so that the encrypted supplementary 
key E(R, Ra) on the recording medium 100 is updated to 

25 E (R' ,Ra* ) • 

As shown in FIG. 13, the encrypted usage conditions 
are updated by the digital content using procedure (shown 
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in FIG* 10) f while the encrypted supplementary keys are 
updated by the encrypted supplementary key updating 
procedure (shown in FIG. 11) . 

When the digital content Ma is used for the first time, 
5 the digital content using procedure updates the encrypted 
usage conditions E(Rao/Iao)/ where the usage conditions Iao 
include the usage number laAOf to the encrypted usage 
conditions E(Rai/Iai)/ where the usage conditions Iai 
include the usage number I2A1 (where I2ai= 12ao~1) (see 

10 columns (a) and (b) in FIG. 13) . The encrypted 

supplementary key updating procedure then updates the 
encrypted supplementary key from E(Ro,Rao) to E(Ri,Rai)/ 
where Rit^Rq and Rait^^ao- Assume here that the encrypted 
usage conditions E(RAiflAi) at this point are backed up by 

15 a certain information storage device (see columns (b) and 
(c) in FIG, 13) . 

As shown in FIG. 14, when the digital content Ma is 
used for the k^^ time (where k is an integer of 2 or more 
and the preceding uses of the digital content Ma are 

20 performed properly) , the digital content using procedure 
updates the encrypted usage conditions E (Rack-d Iaoc-d ) / 
where the usage conditions lA(k-i) include the usage number 
l2ACk-i) {==l2A0 ~ k+1) f to the encrypted usage conditions 
E(RAk^lAk) / where the usage conditions Iajc include the usage 

25 number l2Ak(=l2A0~ k) (see columns (a) and (b) in FIG, 14) . 

The encrypted supplementary key updating procedure 
updates the encrypted supplementary key f rom E (Rj^-i, RA(k-i) ) t 
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where Rk-i Rq, Ri/"', Rk-2 and RA(k-i)7^RA0. RAif * • • / RA(k-2) . to 
E (Rkf RAk) f where Rk 7^ Ro/ Ri / ' ' * f Rk-i and RA(k)7^RA0f Rai/ * ' ' ,RA(k-i) 
(see columns (b) and (c) in FIG. 14) . 

Even if the user restores the backed-up copy of the 
5 encrypted usage conditions E(Rai/Iai) onto the recording 
medium 100 after the digital content Ma has been used for 
the k^^ time (see column (d) in FIG, 14) , the supplementary 
key Rai that was used to encrypt the usage conditions 
E(RAiflAi) will differ from the supplementary key RAk that 

10 is stored on the recording medium 100 as encrypted 

supplementary key E(Rk,RAk) • In this case, the executing 
apparatus 200 will judge that the encrypted usage 
conditions E(Rai/Iai) and the encrypted supplementary key 
E(Rk/RAk) for the encrypted digital content E(SK;rMA) are 

15 invalid. 

In other words, the executing apparatus 200 is 
capable of preventing illegal uses being made in excess 
of the original permitted number of uses. Such illegal 
operations are conventionally possible by using a digital 

20 content on a recording medium a number of times and then 
restoring a backed-up copy of the usage information of the 
digital content onto the recording medium. 

Even if the user backs up both the encrypted usage 
conditions and the encrypted supplementary key and then 

25 restores this information after making several uses of a 
digital content, the random number used to encrypt the 
supplementary key will have been updated every time the 
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digital content was used* This means that it will not be 
possible to use the digital content more than the original 
set number of uses, such as that given in the usage 
conditions . 

5 Note that while the present digital content usage 

controlling system generates a supplementary key every 
time a digital content is used, a supplementary key may 
be generated every time a predetermined number of uses have 
been made of a digital content. The effectiveness of such 

10 a system can be increased if this predetermined number is 
kept secret from users. 

In the above digital content usage controlling system, 
the recording medium is assumed to be a hard disk drive 
(HDD) , a memory card, a DVD-RAM disc or the like, with the 

15 above explanation describing the case where all of the 
mentioned information is recorded on a single recording 
medium. However, the digital content may be recorded on 
a first medium (such as a CD-ROM) that is read-only and 
the encrypted supplementary key and encrypted usage 

20 conditions may be stored on a second medium (such as an 
HDD) that is rewritable. 

Part or all of the information can be managed by an 
information managing apparatus and then obtained from the 
information managing apparatus by an executing apparatus 

25 when necessary. As a particular example, a digital 

content may be encrypted using a predetermined encryption 
key which the executing apparatus obtains from the 
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information managing apparatus when using the digital 
content to enable the executing apparatus to decrypt the 
digital content. 

The above digital content usage controlling system 
5 describes the case where the main data recorded on the 
recording medium are digital contents such as moving images,, 
still images, and audio, with usage of such information 
amounting to its reproduction by an executing apparatus. 
However, the information recorded on the recording medium 
10 may be computer programs, in which case usage of the 
information amounts to the execution of the computer 
programs . 

The second decrypting unit in the above digital 
content usage controlling system is described as using a 

15 random number as the encryption key, although this key need 
not be a random number and instead can be a value which 
is updated by performing a predetermined calculation, such 
as by incrementing the current value by one. 

While the executing apparatus in the above digital 

20 content usage controlling system stores the random number, 
the random number may instead be stored on the recording 
medium. 

Although the present invention has been fully 
described by way of examples with reference to accompanying 
25 drawings, it is to be noted that various changes and 

modifications will be apparent to those skilled in the art. 
Therefore, unless such changes and modifications depart 
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from the scope of the present invention, they should be 
construed as being included therein. 
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What is claimed is: 

1 1. A data usage controlling apparatus that 

2 (1) reads a type 1 key from a storage unit and 

3 (a) main data, 

4 (b) an encrypted type 2 key produced by 

5 encrypting a type 2 key using the type 1 key, and 

6 (c) encrypted condition information produced 

7 by encrypting condition information using the type 

8 2 key 

9 from a recording medium, 

10 (2) decrypts the encrypted condition information 

11 using the type 2 key, and 

12 (3) controls usage of the read main data based on the 

13 condition information, 

14 the data usage controlling apparatus comprising: 

15 first updating means for updating the condition 

16 information in accordance with usage of the read main data; 

17 generating means for generating a new type 2 key in 

18 accordance with the usage of the read main data; 

19 first encrypting means for encrypting the updated 

20 condition information using the new type 2 key and 

21 replacing the encrypted condition information on the 

22 recording medium with the encrypted updated condition 
2 3 information; 

24 second updating means for updating the type 1 key in 

25 the storage unit in accordance with the usage of the read 
2 6 main data; and 
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27 second encrypting means for encrypting the new type 

28 2 key using the updated type 1 key and replacing the 
2 9 encrypted type 2 key on the recording medium with the 
30 encrypted new type 2 key. 

1 

1 2 . A data usage controlling apparatus that 



2 (1) reads a type 1 key from a storage unit and a set 

3 including 

4 (a) main data, 

5 (b) an encrypted type 2 key produced by 

6 encrypting a type 2 key using the type 1 key, and 

7 (c) encrypted condition information produced 

8 by encrypting condition information using the type 

9 2 key 

10 from a recording medium on which n (where n is 

11 an integer no less than two) sets of main data, an 

12 encrypted type 2 key, and encrypted condition 

13 information are recorded, 

14 (2) decrypts the encrypted condition information 

15 using the type 2 key, and 

16 (3) controls usage of the read main data based on the 

17 condition information, 

18 the data usage controlling apparatus comprising: 

19 generating means for generating a new type 2 key in 
2 0 accordance with usage of the main data; 

21 first encrypting means for encrypting the condition 

22 information using the new type 2 key and replacing the 
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23 encrypted condition information on the recording medium 

24 with the newly encrypted condition information; 

25 decrypting means for decrypting all (n-1) encrypted 
2 6 type 2 keys on the recording medium that are not included 

27 in the read set using the type 1 key; 

28 updating means for updating the type 1 key in the 

29 storage unit after the decrypting means has decrypted all 

30 (n-1) encrypted type 2 keys; and 

31 second encrypting means for encrypting the (n-1) type 

32 2 keys and the new type 2 key using the updated type 1 key 

33 and replacing all n encrypted type 2 keys on the recording 

34 medium with the newly encrypted type 2 keys, 
1 

1 3. A data usage controlling apparatus in accordance with 

2 Claim 2, further comprising: 

3 second updating means for updating the condition 

4 information in accordance with usage of the read main data, 

5 wherein the first encrypting means encrypts the 

6 updated condition information using the new type 2 key and 

7 replaces the encrypted condition information on the 

8 recording medium with the encrypted updated condition 

9 information. 
1 

1 4 . A data usage controlling apparatus in accordance with 

2 Claim 3, 

3 wherein the generating means generates a new type 2 

4 key every time a user makes a predetermined number of uses 
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* * 

5 of the main data on the recording medium, and 

6 when the generating means has not generated a new type 

7 2 key, the first encrypting means re-encrypts the updated 

8 condition information using a same type 2 key as was used 

9 to decrypt the encrypted condition information. 
1 

1 5. A data usage controlling apparatus in accordance with 

2 Claim 2, 

3 wherein the main data in each set on the recording 

4 medium has been encrypted using a type 3 encryption key, 

5 the data usage controlling apparatus further 

6 comprising: 

7 obtaining means for obtaining the type 3 encryption 

8 key; and 

9 second decrypting means for decrypting the read main data 
10 using the obtained type 3 encryption key. 

1 

1 6. A data usage controlling apparatus in accordance with 

2 Claim 2, 

3 wherein the main data in each set on the recording 

4 medium has been encrypted using a type 3 encryption key 

5 that is unique to the data usage controlling apparatus, 

6 the data usage controlling apparatus further 

7 comprising: 

8 storing means for storing the type 3 encryption key; 

9 and 

10 second decrypting means for decrypting the read main data 
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11 using the stored type 3 encryption key. 
1 

1 7. A data usage controlling apparatus in accordance with 

2 Claim 2, 

3 wherein the updating means updates the type 1 key by 

4 performing a predetermined calculation on the read type 

5 1 key, 
1 

1 8. A data usage controlling apparatus in accordance with 

2 Claim 2, 

3 wherein the updating means updates the type 1 key by 

4 adding one to the read type 1 key. 
1 

1 9. A data usage controlling method that 

2 (1) reads a type 1 key from a storage unit and 

3 (a) main data, 

4 (b) an encrypted type 2 key produced by 

5 encrypting a type 2 key using the type 1 key, and 

6 (c) encrypted condition information produced 

7 by encrypting condition information using the type 

8 2 key 

9 from a recording medium, 

10 (2) decrypts the encrypted condition information 

11 using the type 2 key, and 

12 (3) controls usage of the read main data based on the 

13 condition information, 

14 the data usage controlling method comprising the 
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15 following steps: 

16 updating the condition information in accordance 

17 with usage of the main data; 

18 generating a new type 2 key in accordance with the 

19 usage of the main data; 

20 encrypting the updated condition information using 

21 the new type 2 key and replacing the encrypted condition 

22 information on the recording medium with the encrypted 

23 updated condition information; 

2 4 updating the type 1 key in accordance with the usage 

25 of the main data; and 

2 6 encrypting the new type 2 key using the updated type 

27 1 key and replacing the encrypted type 2 key on the 

28 recording medium with the encrypted new type 2 key. 
1 

1 10 . A computer-readable recording medium storing a program 

2 that 

3 (1) reads 

4 a type 1 key from a storage unit and 

5 (a) main data, 

6 (b) an encrypted type 2 key produced by 

7 encrypting a type 2 key using the type 1 key, and 

8 (c) encrypted condition information produced 

9 by encrypting condition information using the type 

10 2 key 

11 from a recording medium, 

12 (2) decrypts the encrypted condition information 
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13 using the type 2 key, and 

14 (3) controls usage of the read main data based on the 

15 condition information, 

16 the program including instructions for executing the 

17 following processes: 

18 updating the decrypted condition information in 

19 accordance with usage of the main data; 

20 generating a new type 2 key in accordance with usage 

21 of the main data; 

22 encrypting the updated condition information using 

23 the new type 2 key and replacing the encrypted condition 

24 information on the recording medium with the encrypted 
2 5 updated condition information; 

2 6 updating the type 1 key in accordance with usage of 

2 7 the main data; and 

28 encrypting the new type 2 key using the updated type 

2 9 1 key and replacing the encrypted type 2 key on the 

30 recording medium with the encrypted new type 2 key. 
31 
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ABSTRACT OF THE DISCLOSURE 

A data usage controlling apparatus that reads a type 

1 key. from a storage unit and (a) main data, (b) a type 

2 key that has been encrypted using the type 1 key, and 
5 (c) condition information that has been encrypted using 

the type 2 key from a recording medium, decrypts the 
condition information using the type 2 key, and controls 
usage of the read main data in accordance with the decrypted 
condition information. In accordance with usage of the 

10 main data, the decrypted condition information is updated, 
a new type 2 key is generated, and the stored type 1 key 
is updated. The updated condition information is 
encrypted using the new type 2 key and used to replace the 
encrypted condition information on the recording medium. 

15 The new type 2 key is encrypted using the updated type 1 
key and used to replace the encrypted type 2 key on the 
recording medium. 
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Docket No. I 




NAK1-RK74 



Declaration and Power of Attorney For Patent Application 

Engrish Language Declaration 

As a below named inventor, I hereby declare that: 

My residence, post office address and citizenship are as stated below next to my name, 

I believe I am the original, first and sole inventor (if only one name is listed below) or an original, 
first and joint Inventor (if plural names are listed below) of the subject matter which is claimed and for 
which a patent is sought on the invention entitled 

DATA USAGE CONTROIxLING APPAEIATUS THAT PREVENTS THE UNAUTHORIZED USE OF MAIN 
DATA BY UPDATING A TYPE 1 AND A TYPE 2 KEY USED FOR PROTECTING THE MAIN DATA 
IN ACCORDANCE WITH USAGE OF THE MAIN DATA 

the specification of which 



5 (check one) 

^13 is attached hereto. 
I □ was filed on 



as United States Application No. or PCT International 



Application Number 



and was amended on 



(if applicable) 



I hereby state that I have reviewed and understand the contents of the above identified specification, 
including the claims, as amended by any amendment referred to above. 

I acknowledge the duty to disclose to the United States Patent and Trademark Office all information 
known to me to be material to patentability as defined in Title 37, Code of Federal Regulations, 
Section 1.56. 

I hereby claim foreign priority benefits under Title 35, United States Code, Section 119(a)-(d) or 
Section 365(b) of any foreign application(s) for patent or inventor's certificate, or Section 365(a) of 
any PCT International application which designated at least one country other than the United 
States, listed below and have also identified below, by checking the box, any foreign application for 
patent or inventor's certificate or PCT International application having a filing date before that of the 
application on which priority is claimed. 



Prior Foreign App!ication(s) 



11-119442 



Japan 



(Number) 

2000-99573 

(hlumber) 



(Number) 



(Country) 

Japan 



(Country) 



(Country) 



27/April/1999 
(Day/MonthA'ear Filed) 
31/March/2Q00 
(Day/MonthA'ear Filed) 



(Day/Month/Year Filed) 



Priority Not Claimed 
□ 
□ 
□ 
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I hereby claim the bjenefit under 35 U.S.C. Section 119(e) of any United States provisional 
application(s) listed below: ^ - - 





^Filina Date'^ 

\| till I^J h^Wi^v J 


(Application Serial No.) 


(Filing Date) 


(Application Serial No.) 


(Filing Date) 



I hereby claim the benefit under 35 U. S. C. Section 120 of any United States application(s), or 
Section 365(c) of any PCT International application designating the United States, listed below and, 
insofar as the subject matter of each of the claims of this application is not disclosed in the prior 
United States or PCT International application in the manner provided by the first paragraph of 35 
U.S.C. Section 112, I acknowledge the duty to disclose to the United States Patent and Trademari< 
Cpffice all infonnation known to me to be material to patentability as defined in Title 37, C. F. R., 
iBection 1.56 which became available between the filing date of the prior application and the national 
:tbr PCT International filing date of this application: 



111 (Application Serial No.) 


(Filing Date) 


(Status) 




(patented, pending, abandoned) 


.p (Application Serial No.) 


(Filing Date) 


(Status) 




(patented, pending, abandoned) 


O (Application Serial No.) 


(Filing Date) 


(Status) 




(patented, pending, abandoned) 



I hereby declare that all statements made herein of my own knowledge are true and that all 
statements made on infonnation and belief are believed to be true; and further that these statements 
were made with the knowledge that willful false statements and the like so made are punishable by 
fine or imprisonment, or both, under Section 1001 of Title 18 of the United States Code and that 
such willful false statements may jeopardize the validity of the application or any patent issued 
thereon. 
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POWER OF ATTORrsfEY: As a named inventor, i hereby appoint the following attomey(s) and/or 
agent(s) to prosecute this application and transact all business in the Patent and Trademark Office 
connected therewith, (list name and registration number) 

Joseph W, Price, Reg. No* 25,124 Doyle B. Johnson, Reg. No. 39,240 

Albin BL Gess, Reg. No. 25,726 Michael J. Moffatt, Reg. No. 39,304 

Franklin D. Ubell, Reg. No. 27,009 Bradley D. Blanche, Reg. No. 38,387 



Send Correspondence to: ^«^P^ Price 

PRICE, GESS & UBELL 
2100 S.E. Main St, Ste. 250 
U Irvine, CA 92614 

Direct Telephone Calls to: (name and telephone number) 
Z] Joseph W. Price, 949/261-8433 



Full name of sole or first inventor 

Takatoshi ONO 



Sole or first inventor's signature ~ ~ ~ ~" ~ 

Su^A^'^-^lJU (Pa^ April 13, 2000 



Residence shiunsou 2-201, Azaoobuchi 53-2, Oaza Jimokuji, Jimokuji-cho, 

Ama-gun, Aichi-ken 490-1111 Japan 

Citizenship 



Japan 



Post Office Address 

same as residence 



Fuil name of second inventor, if any ~~ ~ " 

Shunji HARADA 

Residence ~ ~~ ~ ~ 

2-20-52, Tamadenishi, Nishinari-ku, Osaka-shi, Osaka- fu 557-0045 Japan 

Citizenslitp ~ ~ — — _ 

Japan 



Post Office Address 

same as residence 
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